# Copyright 2009 http://www.yuntien.com
# Licensed under the Apache License, Version 2.0

#define roles
ROLE_ADMIN          = 'admin'
ROLE_OWNER          = 'owner'
ROLE_USER           = 'user'
ROLE_GUEST          = 'guest'

#define operations
OPERATION_QUERY     = 'query'
OPERATION_ADD       = 'add'
OPERATION_DISPLAY   = 'display'
OPERATION_EDIT      = 'edit'
OPERATION_DELETE    = 'delete'

#define authorization model
AUTH_POST = {}

AUTH_POST[ROLE_ADMIN] = {
OPERATION_QUERY     : True,
OPERATION_ADD       : True,                         
OPERATION_DISPLAY   : True,
OPERATION_EDIT      : True,                         
OPERATION_DELETE    : True,
}

AUTH_POST[ROLE_OWNER] = {
OPERATION_QUERY     : True,
OPERATION_ADD       : True,                         
OPERATION_DISPLAY   : True,
OPERATION_EDIT      : True,                         
OPERATION_DELETE    : True,                         
}

AUTH_POST[ROLE_USER] = {
OPERATION_QUERY     : True,
OPERATION_ADD       : True,                         
OPERATION_DISPLAY   : True,
OPERATION_EDIT      : False,                         
OPERATION_DELETE    : False,                         
}

AUTH_POST[ROLE_GUEST] = {
OPERATION_QUERY     : True,
OPERATION_ADD       : False,                         
OPERATION_DISPLAY   : True,
OPERATION_EDIT      : False,                         
OPERATION_DELETE    : False,                         
}

AUTH_COMMENT = {}

AUTH_COMMENT[ROLE_ADMIN] = {
OPERATION_QUERY     : True,
OPERATION_ADD       : True,                         
OPERATION_DISPLAY   : True,
OPERATION_EDIT      : True,                         
OPERATION_DELETE    : True,
}

AUTH_COMMENT[ROLE_OWNER] = {
OPERATION_QUERY     : True,
OPERATION_ADD       : True,                         
OPERATION_DISPLAY   : True,
OPERATION_EDIT      : True,                         
OPERATION_DELETE    : True,                         
}

AUTH_COMMENT[ROLE_USER] = {
OPERATION_QUERY     : True,
OPERATION_ADD       : True,                         
OPERATION_DISPLAY   : True,
OPERATION_EDIT      : False,                         
OPERATION_DELETE    : False,                         
}

AUTH_COMMENT[ROLE_GUEST] = {
OPERATION_QUERY     : True,
OPERATION_ADD       : False,                         
OPERATION_DISPLAY   : True,
OPERATION_EDIT      : False,                         
OPERATION_DELETE    : False,                         
}

AUTH_MODEL = {
'YTPost'            : AUTH_POST,
'YTComment'         : AUTH_COMMENT,
}
